RE: Certificates with less than 64 bits of entropy

Fri, 11 Aug 2017 07:26:46 -0700 

With regard to Siemens, given the large number of certificates and the 
disruption that massive revocations will have on their infrastructure, what 
does this community expect them to do?

-----Original Message-----
From: dev-security-policy 
[mailto:dev-security-policy-bounces+ben=digicert....@lists.mozilla.org] On 
Behalf Of Jeremy Rowley via dev-security-policy
Sent: Thursday, August 10, 2017 12:01 PM
To: Jonathan Rudenberg <jonat...@titanous.com>; 
mozilla-dev-security-pol...@lists.mozilla.org
Subject: RE: Certificates with less than 64 bits of entropy

Hi Jonathan, 

InfoCert's sub CA was revoked on August 1, 2017. We'll reach out to Siemens. 
They moved to Quovadis a while ago and are no longer issuing from that Sub CA.

Jeremy

-----Original Message-----
From: dev-security-policy 
[mailto:dev-security-policy-bounces+jeremy.rowley=digicert....@lists.mozilla.org]
 On Behalf Of Jonathan Rudenberg via dev-security-policy
Sent: Thursday, August 10, 2017 9:26 AM
To: mozilla-dev-security-pol...@lists.mozilla.org
Subject: Re: Certificates with less than 64 bits of entropy


> On Aug 10, 2017, at 11:20, Jonathan Rudenberg via dev-security-policy 
> <dev-security-policy@lists.mozilla.org> wrote:
> 
> QuoVadis (560)
>    Siemens Issuing CA Internet Server 2016 (560)
> 
> D-TRUST (224)
>    D-TRUST SSL Class 3 CA 1 2009 (178)
>    D-TRUST SSL Class 3 CA 1 EV 2009 (45)
>    D-TRUST Root Class 3 CA 2 EV 2009 (1)
> 
> DigiCert (85)
>    Siemens Issuing CA Class Internet Server 2013 (82)
>    InfoCert Web Certification Authority (3)
> 
> Izenpe S.A. (62)
>    EAEko Herri Administrazioen CA - CA AAPP Vascas (2) (62)
> 
> Government of The Netherlands, PKIoverheid (Logius) (55)
>    Digidentity Services CA - G2 (55)
> 
> Government of Turkey, Kamu Sertifikasyon Merkezi (Kamu SM) (38)
>    Cihaz Sertifikası Hizmet Sağlayıcı - Sürüm 4 (38)

It looks like my summary missed one QuoVadis intermediate:

Bayerische SSL-CA-2016-01 (3)

_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy

Reply via email to